IP reputation for mailfilters

The Spamhaus IP-based block list contains live data on IP addresses that have been observed to be involved in sending or hosting spam, including hijacked servers and computers infected with botnet malware.

Spamhaus also maintains an IP-based eXploits Block List (XBL), which constantly identifies individual machines that are infected with malware.

Emails from listed IP addresses will be dropped as soon the SMTP connection is made, so that bandwidth and server space are not wasted on downloading and storing spam. The Spamhaus IP-based block list provides an effective, transparent, lightweight mechanism for removing the vast majority of junk email at the gateway. Secondary filtering, using more expensive anti-spam resources, can then be used to identify unwanted emails that manage to get through this first layer of defence.

Mail server administrators can use ZEN to block or tag connections from listed IP addresses, preventing the vast majority of spam and harmful emails from entering their networks. The databases are constantly updated by Spamhaus researchers, who work around the clock from ten worldwide locations to identify and list malicious or compromised IP addresses. This team of researchers is also responsible for delisting IP addresses that are no longer associated with malware or spam distribution, following remedial action by IP address owners who have contacted the Spamhaus team.

Senders whose IP addresses are included in a Spamhaus block list will receive a message with a clear return code, to let them know that their email has been rejected. Rather than having their sent emails silently stored in recipients’ spam folders, the rejection message allows senders the opportunity to have their IP addresses removed from the block list if they believe they were listed incorrectly.